Joplin 3.3.3 Server - Privilege Escalation

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, a privilege escalation vulnerability exists in the Joplin server, allowing non-admin users to exploit the API endpoint PATCH /api/users/-id t...

UBUNTU-CVE-2026-10705

A flaw has been found in dask up to 3.0. Affected by this issue is the...

CVE-2026-40989

CVE-2026-40989 affects Spring Cloud Function lineages (3.2.x, 4.1.x, 4.2.x, 4.3.x, 5.0.x) with older/unsupported versions also impacted. The issue is an infinite recursion in the routing layer that can cause an Out-Of-Memory (OOM) condition during request handling. The root cause is not fully dis...

CVE-2026-42682 WordPress wpForo Forum plugin <= 3.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6...

EUVD-2026-33580

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

[SECURITY] Fedora 43 Update: nginx-mod-modsecurity-1.0.4-11.fc43

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

PT-2026-45502

A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made...

ArmCode Arm Whois security vulnerability

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...

Exploit for CVE-2026-8836

CVE-2026-8836 — lwIP SNMPv3 Stack Overflow PoC Proof of conce...

EUVD-2018-21945

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...

EUVD-2026-33258

The Media Library Assistant plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.35 This is due to missing nonce verification on the bulk action handlers in the settings tab handlers. This makes it possible for unauthenticated attackers to trick an...

CVE-2026-10039

The CVE-2026-10039 entry concerns the WordPress plugin Frontend Admin by DynamiApps. Affected versions up to and including 3.28.28 are vulnerable to a generic SQL Injection via the 'order' parameter due to insufficient escaping of user input and inadequate preparation of the existing SQL query. A...

PT-2026-44982

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.26.0 Description A heap-buffer-overflow write can be triggered in the client when connecting to a malicious RDP server that sends crafted RDPGFX PDUs Protocol Data Units. The issue occurs in the gdi CacheToSurface...

CVE-2026-6891

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...

EUVD-2026-32959

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

CVE-2026-9813 FlowIntel external reference URL probe allows server-side request forgery

FlowIntel up to version 3.3.0 contains a server-side request forgery SSRF vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the BER data parsing process. An attacker can cause excessive resource consumption and service disruption by submitting specially crafted indefinite length encodings. Remediation Upgrade botan to...

CVE-2026-48151

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a result, an unauthenticated caller can update the bo...

CVE-2026-44378

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

WordPress Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking vulnerability

Cross-Site Request Forgery to Payment Account Hijacking vulnerability discovered by type5afe in WordPress Plugin Easy Digital Downloads versions = 3.6.7...